Changelog Development Documentation Download libcurl Mailing Lists News
cURL / Mailing Lists / curl-library / Single Mail

curl-library

[PATCH curl 1/7] sasl: allow arbitrarily long username and password

From: Jonathan Nieder <jrnieder_at_gmail.com>
Date: Tue, 20 Aug 2013 00:47:40 -0700

Use appropriately sized buffers on the heap instead of fixed-size
buffers on the stack, to allow for longer usernames and passwords.

Callers never pass anything longer than MAX_CURL_USER_LENGTH (resp.
MAX_CURL_PASSWORD_LENGTH), so no functional change inteded yet. 

---
Changes since v1:
- Simplified by using aprintf()
- No longer using "goto out" idiom (the function is simple enough
  without it)
Thanks to Steve Holme for the review.
 lib/curl_sasl.c | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index fcb00194..924be4bb 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -94,18 +94,18 @@ CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
                                         const char *passwdp,
                                         char **outptr, size_t *outlen)
 {
-  char plainauth[2 * MAX_CURL_USER_LENGTH + MAX_CURL_PASSWORD_LENGTH];
+  CURLcode result;
+  char *plainauth;
   size_t ulen;
   size_t plen;
 
   ulen = strlen(userp);
   plen = strlen(passwdp);
 
-  if(2 * ulen + plen + 2 > sizeof(plainauth)) {
+  plainauth = malloc(2 * ulen + plen + 2);
+  if(!plainauth) {
     *outlen = 0;
     *outptr = NULL;
-
-    /* Plainauth too small */
     return CURLE_OUT_OF_MEMORY;
   }
 
@@ -117,8 +117,10 @@ CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
   memcpy(plainauth + 2 * ulen + 2, passwdp, plen);
 
   /* Base64 encode the reply */
-  return Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr,
-                            outlen);
+  result = Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr,
+                              outlen);
+  Curl_safefree(plainauth);
+  return result;
 }
 
 /*
@@ -190,7 +192,7 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
   size_t chlglen = 0;
   HMAC_context *ctxt;
   unsigned char digest[MD5_DIGEST_LEN];
-  char response[MAX_CURL_USER_LENGTH + 2 * MD5_DIGEST_LEN + 1];
+  char *response;
 
   /* Decode the challenge if necessary */
   if(chlg64len && *chlg64 != '=') {
@@ -220,14 +222,19 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
   Curl_HMAC_final(ctxt, digest);
 
   /* Prepare the response */
-  snprintf(response, sizeof(response),
+  response = aprintf(
       "%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
            userp, digest[0], digest[1], digest[2], digest[3], digest[4],
            digest[5], digest[6], digest[7], digest[8], digest[9], digest[10],
            digest[11], digest[12], digest[13], digest[14], digest[15]);
+  if(!response)
+    return CURLE_OUT_OF_MEMORY;
 
   /* Base64 encode the reply */
-  return Curl_base64_encode(data, response, 0, outptr, outlen);
+  result = Curl_base64_encode(data, response, 0, outptr, outlen);
+
+  Curl_safefree(response);
+  return result;
 }
 
 /*
-- 
1.8.4.rc4
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2013-08-20